The VPN Way
by Anthony Mongeluzo, PCS –
September 13, 2017
It’s the secret of being there without being there. In the digital world, we call that the virtual private network, or VPN, as most people refer to it. What it does is fairly simple. It allows people to enter into their computer network and engage in the tasks for which they are authorized — without physically being in the office.
The reality is that accounting has changed, and many clients expect an answer any time, all the time. With a VPN, you can offer those answers (presuming, of course, that’s how you intend to do business). In its simplest terms, a VPN allows you to connect to your office network securely no matter where you are, providing you have a computer and an internet connection. But it isn’t only connection. A VPN allows for an extra layer of security and features that become more appealing as we read about cyber-attacks and network breaches.
IT expert Evan Dashevsky explains the entire concept of a VPN nicely, noting that it provides greater control of how you’re identified online. “A VPN creates a virtual encrypted ‘tunnel’ between you and a remote server operated by a VPN service. All external internet traffic is routed through this tunnel, so your ISP (or anyone else) can’t see your data. Best of all, your computer appears to have the IP address of the VPN server, masking your identity.” This keeps your client’s data safe and secure.
Is There Any Downside to a VPN?
Some people report a slight decrease in computing speed, but that rarely happens if you have a solid connection and equipment that isn’t dated. Also, there is a cost. You need to ensure that you invest in the hardware and software to enable this service. If you are a smaller firm that lacks a large technology budget, do not fret. Many modern firewall and router solutions offer a secure, built-in VPN option for $500 or less that is ideal for a firm with 15 or fewer team members. VPNs in particular offer an added layer of privacy that you shouldn’t dismiss. The newer kid on the block is RDP, or remote desktop protocol, which Microsoft server platforms now call RD Gateway. It’s a matter of preference and features, but they both protect against brute force intrusion. With Microsoft, you will need a Windows Server and have to purchase some additional licensing. This works great for larger firms, and the technology is cutting edge.
Added Security Measures
Nearly everyone uses passwords to maintain privacy. However, using a brute force program, an intruder can scan through tens of thousands of potential passwords until they key onto the correct one, and bingo, they’re in. In an accountant’s world, that means the intruder is not only prowling through your private information but your clients’, too. It is imperative that you use strong and complex passwords that are regularly updated. And it is strongly recommended that you look into cyber insurance. The threats are real, and any time you open up your network for VPN or RDP access you are inviting or tempting hackers to try to break down your door and literally try to strike gold in the form of information they can use for identity theft or fraud.
Security is of the utmost importance if you have any remote access, either through a traditional VPN or an RDP version. Costs can vary, and your information technology professional is the best person to provide direction about whether a free, bare-bones model for your practice makes sense or if your accounting practice needs a full-fledged system.
This article appeared in the September/October 2017 issue of New Jersey CPA magazine. Read the full issue.